Exploit on Harmony Horizon Bridge Causes $100 Million in Losses

Please note that we are not authorised to provide any investment advice. The content on this page is for information purposes only.

Harmony – one of the most promising blockchain protocols – has suffered a technical setback. The breach on the network led to a theft of about $100m worth of altcoins.

Harmony Horizon Bridge Is Down

In a Twitter thread, Harmony’s developers confirmed that the blockchain had suffered a security lapse on its Horizon Bridge. The breach caused the hackers to gain access to a treasure trove of altcoins, most of which they proceeded to swap for Ethereum.

The Horizon Bridge is a central feature in Harmony’s infrastructure. It helps to facilitate token transfers between the blockchain and other blockchain networks – including Bitcoin, Ethereum, and Binance Chain. Harmony focuses on seamless cross-chain functionality, and the Horizon Bridge is one of the features that make this functionality possible.

Blockchain analyses confirmed that the suspicious transactions were first recorded around 7:08 AM on June 23. They went on until about 7:26 PM, with a total of 11 transactions moving from the Horizon bridge. The transactions involved several tokens, including Frax (FRAX), Wrapped Ether (WETH), Aave (AAVE), Sushi (SUSHI), Binance Dollar (BUSD), and Tether (USDT).

The hackers appear to be sending these tokens to different wallets, swapping them for ETH on the UniSwap decentralised exchange (DEX) and sending the ETH back to their original wallet.

In what would most likely be one of the biggest blockchain hacks of the year, the hackers managed to net over $100 million. The developers of Horizon Bridge have confirmed that they’ve halted the bridge, although they also pointed out that the blockchain’s Bitcoin bridge wasn’t affected.

While they haven’t given much of an update on the issue, Harmony’s developers confirmed that they’ve been working with authorities and forensic specialists to determine who could be responsible.

Cross-Chain Platforms Still Vulnerable?

The Harmony hack is yet another example of the finicky relationship between blockchains and the thin line that cross-chain platforms try to walk as they operate.

In February, Wormhole – a bridge that allows users who buy cryptocurrency to send and receive tokens between multiple blockchains (including Ethereum, Solana, Polygon, and Binance Chain) – was hacked to the tune of $321 million at the time. The hack, which took place on the Solana side of the bridge, caused huge reactions across the market.

Then, in March, Axie Infinity – arguably the most popular blockchain gaming protocol in the crypto space – suffered one of the biggest attacks ever in the crypto market as hackers broke into its Ronin Bridge and stole over $612 million in assets.

The attack was reportedly due to a vulnerability in the Ronin bridge that allowed hackers to forge private keys and drain the platform of its funds. They managed to move 173,000 ETH and 25.5 million USDC tokens from the Ronin Bridge in just two transactions.

Issues like these have long been a concern for many in the blockchain space. Back in January, Ethereum co-founder Vitalik Buterin shared his grip on cross-chain bridges and platforms. He explained that their very nature makes them a security vulnerability.

In a Reddit session, Buterin explained that one of the biggest strengths of storing native assets on platforms is that the process provides immunity against 51% of attacks. And, in the case of established blockchains like Ethereum, even if the hacker does manage to control 51% of the network (a tall order in its own right), it would be impossible for them to propose blocks or take away investors’ crypto.

Sadly, cross-chain applications do not guarantee this same security. Buterin explained that an attacker could deposit ETH into a Solana bridge and get Solana–wrapped ETH (WETH).

Then, they could revert the transaction on the Ethereum side as soon as Solana confirms it. Because the tokens are no longer backed 1:1, this will cause massive losses for other users who invest in cryptocurrency and lock them in the SOL-WETH contract.

With more bridges added to the cross-chain network, Buterin believes this problem could worsen significantly.

Buy Crypto at eToro from just $50 Now!

1
$50
Mobile AppYes
  • Invest in a wide range of cryptocurrencies
  • Ability to copy more experienced investors and their decisions
  • eToro crypto wallet included which makes it beginner-friendly

About Jimmy Aki PRO INVESTOR

Based in the UK, Jimmy is an economic researcher with outstanding hands-on and heads-on experience in Macroeconomic finance analysis, forecasting and planning. He has honed his skills having worked cross-continental as a finance analyst, which gives him inter-cultural experience. He currently has a strong passion for regulation and macroeconomic trends as it allows him peek under the global bonnet to see how the world works.